EasyJet hack leaves 9 million customer details exposed

The budget European airline, which has seen its fleet grounded by coronavirus, said the unauthorized access to its systems had been closed off.
Image: FILE PHOTO: The spread of the coronavirus disease (COVID-19) in Luton
Easyjet planes on the tarmac in Britain.Matthew Childs / Reuters file

Breaking News Emails

Get breaking news alerts and special reports. The news and stories that matter, delivered weekday mornings.
SUBSCRIBE
By Sam Shead, CNBC

EasyJet announced on Tuesday that it has suffered a major cyber attack from a “highly sophisticated” source.

The budget European airline, which has seen its fleet grounded by coronavirus, said the unauthorized access to its systems had been closed off.

An investigation by the airline revealed that 9 million customers had their email addresses and travel details accessed, while 2,200 customers had their credit card details exposed. Affected customers will be contacted in the next few days, EasyJet said.

The airline did not disclose when the attack happened or how long it lasted. The company was not immediately available for comment when contacted by CNBC.

EasyJet CEO Johan Lundgren said in a statement that the company takes the cyber security of its systems seriously, “however, this is an evolving threat as cyber attackers get ever more sophisticated.”

Lundgren said EasyJet will be urging affected customers to be “extra vigilant,” especially if they receive suspicious emails.

“We will continue to invest in protecting our customers, our systems, and our data,” he said. “We would like to apologize to those customers who have been affected by this incident.”

EasyJet said it is working with the National Cyber Security Centre and the Information Commissioner’s Office, which is the U.K. data regulator.